How docker configures the network

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

This article introduces how to configure Docker networking. It is meant as a reference; the walkthrough follows.

The Linux kernel implements the creation of namespaces

The ip netns command

Operations on a Network Namespace are done with the ip netns command. It comes from the iproute package, which is usually installed by default. If not, please install it yourself.

Note: sudo permission is required when the ip netns command modifies the network configuration.

The command's help information is shown by ip netns help:

    [root@master ~]# ip netns help
    Usage: ip netns list
           ip netns add NAME
           ip netns attach NAME PID
           ip netns set NAME NETNSID
           ip [-all] netns delete [NAME]
           ip netns identify [PID]
           ip netns pids NAME
           ip [-all] netns exec [NAME] cmd ...
           ip netns monitor
           ip netns list-id [target-nsid POSITIVE-INT] [nsid POSITIVE-INT]
    NETNSID := auto | POSITIVE-INT
    [root@master ~]# ip netns list
    [root@master ~]# ip netns add ns0
    [root@master ~]# ip netns list
    ns0
    [root@master ~]# ls /var/run/netns
    ns0
    [root@master ~]# ip netns add ns0
    Cannot create namespace file "/var/run/netns/ns0": File exists
    [root@master ~]# touch /var/run/netns/ns1
    [root@master ~]# ip netns list
    Error: Peer netns reference is invalid.
    Error: Peer netns reference is invalid.
    ns1
    ns0
    [root@master ~]# ip netns del ns1
    [root@master ~]# ip netns list
    ns0

Operating on a Network Namespace

The ip command provides the ip netns exec subcommand to execute a command inside the corresponding Network Namespace.

View the network card information of the newly created Network Namespace:

    [root@master ~]# ip netns exec ns0 ip addr
    1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

You can see that a lo loopback network card is created by default in the new Network Namespace, and that it is down. Pinging the loopback address at this point reports Network is unreachable:

    [root@master ~]# ip netns exec ns0 ping 127.0.0.1
    connect: Network is unreachable

Enable the lo loopback network card with the following command:

    [root@master ~]# ip netns exec ns0 ip link set lo up
    [root@master ~]# ip netns exec ns0 ping 127.0.0.1
    PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
    64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.024 ms
    64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.019 ms

Transferring devices

We can transfer devices (such as veth) between different Network Namespaces. Since a device can belong to only one Network Namespace, it is no longer visible in its original Network Namespace after the transfer.

veth devices are transferable, while many other devices (such as lo, vxlan, ppp, bridge, etc.) cannot be transferred.

veth pair

A veth pair (Virtual Ethernet Pair) is a pair of ports: every packet entering one end of the pair comes out of the other, and vice versa.

veth pairs were introduced so that different Network Namespaces can communicate directly; a veth pair can connect two Network Namespaces directly.

Create a veth pair

    [root@master ~]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 00:0c:29:d7:ce:07 brd ff:ff:ff:ff:ff:ff
        inet 192.168.197.131/24 brd 192.168.197.255 scope global dynamic noprefixroute ens33
           valid_lft 1522sec preferred_lft 1522sec
        inet6 fe80::1f2f:a9f9:78a7:7cc/64 scope link noprefixroute
           valid_lft forever preferred_lft forever
    3: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
    5: docker0: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:b8:38:aa:7d brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:b8ff:fe38:aa7d/64 scope link
           valid_lft forever preferred_lft forever
    7: veth3672252@if6: mtu 1500 qdisc noqueue master docker0 state UP group default
        link/ether ca:56:6c:07:de:af brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet6 fe80::c856:6cff:fe07:deaf/64 scope link
           valid_lft forever preferred_lft forever
    [root@master ~]# ip link add type veth
    [root@master ~]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 00:0c:29:d7:ce:07 brd ff:ff:ff:ff:ff:ff
        inet 192.168.197.131/24 brd 192.168.197.255 scope global dynamic noprefixroute ens33
           valid_lft 1499sec preferred_lft 1499sec
        inet6 fe80::1f2f:a9f9:78a7:7cc/64 scope link noprefixroute
           valid_lft forever preferred_lft forever
    3: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
    5: docker0: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:b8:38:aa:7d brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:b8ff:fe38:aa7d/64 scope link
           valid_lft forever preferred_lft forever
    7: veth3672252@if6: mtu 1500 qdisc noqueue master docker0 state UP group default
        link/ether ca:56:6c:07:de:af brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet6 fe80::c856:6cff:fe07:deaf/64 scope link
           valid_lft forever preferred_lft forever
    10: veth0@veth2: mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether a2:0f:68:39:2c:fd brd ff:ff:ff:ff:ff:ff
    11: veth2@veth0: mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether e6:e9:55:96:60:35 brd ff:ff:ff:ff:ff:ff

As you can see, a new veth pair has been added to the system, connecting the two virtual network cards veth0 and veth2. At this point the veth pair is in a "not enabled" state.

Implement communication between Network Namespaces

    [root@master ~]# ip netns list
    ns0
    [root@master ~]# ip netns add ns1
    [root@master ~]# ip link set veth0 netns ns0
    [root@master ~]# ip link set veth2 netns ns1
    [root@master ~]# ip netns exec ns0 ip link set veth0 up
    [root@master ~]# ip netns exec ns0 ip addr add 192.168.2.1/24 dev veth0
    [root@master ~]# ip netns exec ns1 ip link set veth2 up
    [root@master ~]# ip netns exec ns1 ip addr add 192.168.2.2/24 dev veth2
    [root@master ~]# ip netns exec ns0 ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    10: veth0@if11: mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether a2:0f:68:39:2c:fd brd ff:ff:ff:ff:ff:ff link-netns ns1
        inet 192.168.2.1/24 scope global veth0
           valid_lft forever preferred_lft forever
        inet6 fe80::a00f:68ff:fe39:2cfd/64 scope link
           valid_lft forever preferred_lft forever
    [root@master ~]# ip netns exec ns1 ip a
    1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    11: veth2@if10: mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether e6:e9:55:96:60:35 brd ff:ff:ff:ff:ff:ff link-netns ns0
        inet 192.168.2.2/24 scope global veth2
           valid_lft forever preferred_lft forever
        inet6 fe80::e4e9:55ff:fe96:6035/64 scope link
           valid_lft forever preferred_lft forever
    [root@master ~]# ip netns exec ns1 ping 192.168.2.1
    PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
    64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=0.037 ms
    64 bytes from 192.168.2.1: icmp_seq=2 ttl=64 time=0.028 ms

As you can see, the veth pair successfully provides network communication between two different Network Namespaces.

Renaming a veth device

    [root@master ~]# ip netns exec ns0 ip link set veth0 down
    [root@master ~]# ip netns exec ns0 ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    10: veth0@if11: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether a2:0f:68:39:2c:fd brd ff:ff:ff:ff:ff:ff link-netns ns1
        inet 192.168.2.1/24 scope global veth0
           valid_lft forever preferred_lft forever
    [root@master ~]# ip netns exec ns1 ip link set veth2 down
    [root@master ~]# ip netns exec ns1 ip link set dev veth2 name eth0
    [root@master ~]# ip netns exec ns1 ip link set eth0
    [root@master ~]# ip netns exec ns1 ip a
    1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    11: eth0@if10: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether e6:e9:55:96:60:35 brd ff:ff:ff:ff:ff:ff link-netns ns0
        inet 192.168.2.2/24 scope global eth0
           valid_lft forever preferred_lft forever

Configuring the four network modes

Bridge mode

    [root@master ~]# docker pull busybox
    Using default tag: latest
    latest: Pulling from library/busybox
    3aab638df1a9: Pull complete
    Digest: sha256:52817dece4cfe26f581c834d27a8e1bcc82194f914afe6d50afad5a101234ef1
    Status: Downloaded newer image for busybox:latest
    docker.io/library/busybox:latest
    [root@master ~]# docker run -it --name b1 --rm busybox    # --rm automatically removes the container when it is stopped
    / # ip a
    1: lo: mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    12: eth0@if13: mtu 1500 qdisc noqueue
        link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
           valid_lft forever preferred_lft forever
    / # exit
    [root@master ~]# docker run -it --name b1 --network bridge --rm busybox
    / # ip a
    1: lo: mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    eth0@if15: mtu 1500 qdisc noqueue
        link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
           valid_lft forever preferred_lft forever
    / # exit

None mode

    [root@master ~]# docker run -it --name b2 --rm --network none busybox
    / # ip a
    1: lo: mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    / # exit

In none mode, the Docker container has its own Network Namespace, but no network configuration is done for it. In other words, the container has no network card, IP, routing or other such information. We need to add network cards, configure IPs and so on for the container ourselves.

Container mode

    [root@master ~]# docker run -it --name b3 --rm busybox
    / # ip a
    1: lo: mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    16: eth0@if17: mtu 1500 qdisc noqueue
        link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
           valid_lft forever preferred_lft forever

Open a new terminal:

    [root@master ~]# docker run -it --name b4 --rm --network container:b3 busybox
    / # ip a
    1: lo: mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    16: eth0@if17: mtu 1500 qdisc noqueue
        link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
           valid_lft forever preferred_lft forever

Create a file on b3:

    / # ls
    bin   dev   etc   home  proc  root  sys   tmp   usr   var
    / # mkdir yy

View on b4:

    / # ls
    bin   dev   etc   home  proc  root  sys   tmp   usr   var

Create a website on b3:

    / # echo "aaa." > bbb/index.html
    / # httpd -h bbb/
    / # netstat -antl
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State
    tcp        0      0 :::80                   :::*                    LISTEN

Visit it on b4:

    / # wget -qO - 172.17.0.2
    aaa

The relationship between containers in container mode is equivalent to two different processes on one host.

This mode makes the newly created container share a Network Namespace with an existing container rather than with the host. Instead of creating its own network card and configuring its own IP, the new container shares the IP, port range and so on of the specified container. Apart from the network, the two containers remain isolated from each other: file systems, process lists and so on are separate. The processes of the two containers can communicate through the lo network card device.

Host mode

When starting the container, specify host as the network mode directly:

    [root@master ~]# docker run -it --name b5 --rm --network host busybox
    / # ip a
    1: lo: mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc fq_codel qlen 1000
        link/ether 00:0c:29:d7:ce:07 brd ff:ff:ff:ff:ff:ff
        inet 192.168.197.131/24 brd 192.168.197.255 scope global dynamic noprefixroute ens33
           valid_lft 1741sec preferred_lft 1741sec
        inet6 fe80::1f2f:a9f9:78a7:7cc/64 scope link noprefixroute
           valid_lft forever preferred_lft forever
    3: virbr0: mtu 1500 qdisc noqueue qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
    5: docker0: mtu 1500 qdisc noqueue
        link/ether 02:42:b8:38:aa:7d brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:b8ff:fe38:aa7d/64 scope link
           valid_lft forever preferred_lft forever
    7: veth3672252@if6: mtu 1500 qdisc noqueue master docker0
        link/ether ca:56:6c:07:de:af brd ff:ff:ff:ff:ff:ff
        inet6 fe80::c856:6cff:fe07:deaf/64 scope link
           valid_lft forever preferred_lft forever
    / # mkdir www
    / # echo "ccc" > www/index.html
    / # httpd -h www/
    / #

On the host:

    [root@master ~]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 00:0c:29:d7:ce:07 brd ff:ff:ff:ff:ff:ff
        inet 192.168.197.131/24 brd 192.168.197.255 scope global dynamic noprefixroute ens33
           valid_lft 1730sec preferred_lft 1730sec
        inet6 fe80::1f2f:a9f9:78a7:7cc/64 scope link noprefixroute
           valid_lft forever preferred_lft forever
    3: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
    5: docker0: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:b8:38:aa:7d brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:b8ff:fe38:aa7d/64 scope link
           valid_lft forever preferred_lft forever
    7: veth3672252@if6: mtu 1500 qdisc noqueue master docker0 state UP group default
        link/ether ca:56:6c:07:de:af brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet6 fe80::c856:6cff:fe07:deaf/64 scope link
           valid_lft forever preferred_lft forever
    [root@master ~]# curl 192.168.197.131
    ccc

Common container operations

    [root@master ~]# docker run -it --name b6 --rm busybox
    / # hostname
    ef156ee78b70
    / # exit
    [root@master ~]# docker run -it --name b6 --hostname yanghaixx busybox
    / # hostname
    yanghaixx
    / # cat /etc/hosts
    127.0.0.1	localhost
    ::1	localhost ip6-localhost ip6-loopback
    fe00::0	ip6-localnet
    ff00::0	ip6-mcastprefix
    ff02::1	ip6-allnodes
    ff02::2	ip6-allrouters
    172.17.0.3	yanghaixx
    / # cat /etc/resolv.conf
    # Generated by NetworkManager
    search localdomain
    nameserver 192.168.197.2
    / # ping baidu.com
    PING baidu.com (220.181.38.148): 56 data bytes
    64 bytes from 220.181.38.148: seq=0 ttl=127 time=25.224 ms
    64 bytes from 220.181.38.148: seq=1 ttl=127 time=24.795 ms
    [root@master ~]# docker run -it --rm --name b7 --dns 8.8.8.8 --hostname yanghaixx busybox
    / # cat /etc/resolv.conf
    search localdomain
    nameserver 8.8.8.8
    / # exit
    [root@master ~]# docker run -it --name b7 --rm --hostname yanghaixx --add-host baidu.com:0.0.0.0 busybox
    / # cat /etc/hosts
    127.0.0.1	localhost
    ::1	localhost ip6-localhost ip6-loopback
    fe00::0	ip6-localnet
    ff00::0	ip6-mcastprefix
    ff02::1	ip6-allnodes
    ff02::2	ip6-allrouters
    0.0.0.0	baidu.com
    172.17.0.3	yanghaixx
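The network modes above differ in which Network Namespace a container's processes run in: host mode reuses the host's, container mode reuses another container's. The following added example (not from the original article) groups containers by the link under /proc/PID/ns/net to report that sharing. The PIDs and namespace numbers are constructed; on a real Docker host you would run it as root and take each PID from docker inspect -f '{{.State.Pid}}' NAME.

```python
import os
import tempfile
from typing import Dict, List


def netns_of(pid: int, proc: str = "/proc") -> str:
    """Return the namespace identity of a process, e.g. 'net:[4026531992]'."""
    return os.readlink(os.path.join(proc, str(pid), "ns", "net"))


def sharing_report(containers: Dict[str, int], proc: str = "/proc") -> Dict[str, List[str]]:
    """Map each container name to whatever it shares a Network Namespace with.

    'HOST' means the namespace of PID 1, which is what --network host gives.
    An empty list means the container has a Network Namespace of its own
    (bridge and none mode look the same at this level).
    """
    host_ns = netns_of(1, proc)
    ns = {name: netns_of(pid, proc) for name, pid in containers.items()}
    report = {}
    for name, ident in ns.items():
        shared = sorted(o for o, i in ns.items() if o != name and i == ident)
        if ident == host_ns:
            shared.insert(0, "HOST")
        report[name] = shared
    return report


def build_sample_proc(root: str) -> Dict[str, int]:
    """Constructed /proc layout for containers named like b1..b5 in the article."""
    layout = {
        1: 4026531992,      # host init
        2101: 4026532501,   # b1: bridge mode, own namespace
        2202: 4026532502,   # b2: none mode, own namespace
        2303: 4026532503,   # b3: bridge mode, own namespace
        2404: 4026532503,   # b4: --network container:b3
        2505: 4026531992,   # b5: --network host
    }
    for pid, inode in layout.items():
        ns_dir = os.path.join(root, str(pid), "ns")
        os.makedirs(ns_dir)
        # The kernel exposes the namespace as a symlink with this target text.
        os.symlink(f"net:[{inode}]", os.path.join(ns_dir, "net"))
    return {"b1": 2101, "b2": 2202, "b3": 2303, "b4": 2404, "b5": 2505}


def demo() -> Dict[str, List[str]]:
    with tempfile.TemporaryDirectory() as root:
        return sharing_report(build_sample_proc(root), proc=root)


if __name__ == "__main__":
    for name, shared in demo().items():
        print(name, "shares with", shared or "nothing")
```

A container reported as sharing with HOST can bind any host port and see every host interface, which is why host mode is the one to review first.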

Port mapping

docker run has a -p option, which maps an application port in the container to the host, so that an external host can reach the application in the container by accessing a port on the host.

The -p option can be used multiple times, and the port it exposes must be a port the container is actually listening on. Format of the -p option used here: -p followed by a container port maps the specified container port to all addresses of the host. A dynamic port refers to a random port. The specific mapping result can be viewed using the docker port command.

    [root@master ~]# docker run -d --name web1 --rm -p 80 yanghaixx/nginx:v2
    62029a5977a06e07ab5b40c78ce60e9cc519364512bc2e6d5785afd7dc1e090f
    [root@master ~]# docker port web1
    80/tcp -> 0.0.0.0:49153
    80/tcp -> :::49153
    [root@master ~]# curl 192.168.197.131:49153
    Welcome to nginx!
    body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }
    Welcome to nginx!
    If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
    For online documentation and support please refer to nginx.org.
    Commercial support is available at nginx.com.
    Thank you for using nginx.

Map the container port to a designated port of the host

    [root@master ~]# docker run -itd --name web2 --rm -p 2525:80 yanghaixx/nginx:v2
    62a93a8ef40eec981b2d1682da92523027999991b0294782be38d4565b210ff8
    [root@master ~]# docker port web2
    80/tcp -> 0.0.0.0:2525
    80/tcp -> :::2525
    [root@master ~]# curl 192.168.197.131:2525
    Welcome to nginx!
    body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }
    Welcome to nginx!
    If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
    For online documentation and support please refer to nginx.org.
    Commercial support is available at nginx.com.
    Thank you for using nginx.
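Both mappings above bind to 0.0.0.0 and ::, so the container's port 80 is reachable on every address of the host. The following added example (not from the original article) parses docker port output and reports which published ports are bound that way; WEB1 and WEB2 are the outputs shown above, while LOCAL_ONLY is a constructed line showing what a mapping bound with -p 127.0.0.1:8080:80 would look like.

```python
import ipaddress
import re
from typing import List, NamedTuple, Tuple


class Published(NamedTuple):
    container_port: int
    proto: str
    host_ip: str
    host_port: int
    scope: str  # "all-interfaces", "loopback-only" or "single-address"


# One line of `docker port`: "<containerPort>/<proto> -> <hostIP>:<hostPort>".
# The IPv6 wildcard is printed as ":::49153" or "[::]:49153" depending on version.
LINE = re.compile(r"^(\d+)/(tcp|udp|sctp)\s*->\s*(.+):(\d+)$")

WEB1 = "80/tcp -> 0.0.0.0:49153\n80/tcp -> :::49153\n"   # from the article
WEB2 = "80/tcp -> 0.0.0.0:2525\n80/tcp -> :::2525\n"     # from the article
LOCAL_ONLY = "80/tcp -> 127.0.0.1:8080\n"                 # constructed sample


def parse_docker_port(text: str) -> List[Published]:
    """Parse `docker port NAME` output into structured mappings."""
    mappings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = LINE.match(line)
        if match is None:
            raise ValueError(f"unrecognised docker port line: {line!r}")
        cport, proto, host, hport = match.groups()
        ip = ipaddress.ip_address(host.strip("[]"))
        if ip.is_unspecified:        # 0.0.0.0 or ::
            scope = "all-interfaces"
        elif ip.is_loopback:         # 127.0.0.0/8 or ::1
            scope = "loopback-only"
        else:
            scope = "single-address"
        mappings.append(Published(int(cport), proto, str(ip), int(hport), scope))
    return mappings


def exposed_everywhere(text: str) -> List[Tuple[int, str]]:
    """Unique (host_port, proto) pairs reachable on every host address."""
    return sorted({(m.host_port, m.proto)
                   for m in parse_docker_port(text)
                   if m.scope == "all-interfaces"})


if __name__ == "__main__":
    for label, sample in (("web1", WEB1), ("web2", WEB2), ("local", LOCAL_ONLY)):
        print(label, exposed_everywhere(sample))
```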

Customize the network property information for the docker0 bridge

Customizing the network property information of the docker0 bridge requires modifying the /etc/docker/daemon.json configuration file:

    [root@master ~]# vim /etc/docker/daemon.json
    [root@master ~]# cat /etc/docker/daemon.json
    {
      "registry-mirrors": ["https://q9u587gb.mirror.aliyuncs.com"],
      "bip": "192.168.2.1/24"
    }
    See "systemctl status docker.service" and "journalctl -xe" for details.
    [root@master ~]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 00:0c:29:d7:ce:07 brd ff:ff:ff:ff:ff:ff
        inet 192.168.197.131/24 brd 192.168.197.255 scope global dynamic noprefixroute ens33
           valid_lft 1690sec preferred_lft 1690sec
        inet6 fe80::1f2f:a9f9:78a7:7cc/64 scope link noprefixroute
           valid_lft forever preferred_lft forever
    3: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:f1:42:78 brd ff:ff:ff:ff:ff:ff
    5: docker0: mtu 1500 qdisc noqueue state DOWN group default
        link/ether 02:42:97:2a:95:42 brd ff:ff:ff:ff:ff:ff
        inet 192.168.2.1/24 brd 192.168.2.255 scope global docker0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:97ff:fe2a:9542/64 scope link
           valid_lft forever preferred_lft forever
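The Docker daemon will not start if daemon.json is not valid JSON, so it is worth checking the file before restarting the service. The following added example (not from the original article) validates the syntax, checks that bip is a usable host address with a prefix length, and checks it against networks already in use; HOST_NETS is taken from the ip a output above plus the 172.17.1.0/24 range of the br0 bridge used later, and MISSING_COMMA is a constructed broken file.

```python
import ipaddress
import json
from typing import Iterable, List

GOOD = ('{"registry-mirrors": ["https://q9u587gb.mirror.aliyuncs.com"], '
        '"bip": "192.168.2.1/24"}')
# Constructed sample: same content with the comma between the two keys missing.
MISSING_COMMA = ('{"registry-mirrors": ["https://q9u587gb.mirror.aliyuncs.com"] '
                 '"bip": "192.168.2.1/24"}')
# Networks already present on the article's host: ens33, virbr0 and br0.
HOST_NETS = ["192.168.197.131/24", "192.168.122.1/24", "172.17.1.0/24"]


def check_daemon_json(text: str, in_use: Iterable[str] = ()) -> List[str]:
    """Return a list of problems; an empty list means nothing was found."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON at line {exc.lineno}, column {exc.colno}: {exc.msg}"]
    if not isinstance(cfg, dict):
        return ["top-level value must be a JSON object"]

    bip = cfg.get("bip")
    if bip is None:
        return []  # docker0 keeps its default address
    if not isinstance(bip, str) or "/" not in bip:
        return [f"bip must be a string in address/prefix form, got {bip!r}"]
    try:
        iface = ipaddress.ip_interface(bip)
    except ValueError as exc:
        return [f"bip is not a valid address/prefix: {exc}"]

    problems = []
    net = iface.network
    # bip is the bridge's own address, so it must be a usable host address.
    if net.num_addresses > 2 and iface.ip in (net.network_address,
                                              net.broadcast_address):
        problems.append(f"bip {bip} is the network or broadcast address of {net}")
    for cidr in in_use:
        other = ipaddress.ip_network(cidr, strict=False)
        if other.version == net.version and other.overlaps(net):
            problems.append(f"bip network {net} overlaps {other}")
    return problems


if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("missing comma", MISSING_COMMA)):
        print(label, check_daemon_json(sample, HOST_NETS) or "ok")
```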

Docker creates a custom bridge

Use the newly created custom bridge to create the container:

    [root@master ~]# docker run -itd --name web --network br0 --rm yanghaixx/nginx:v2
    aec728f703567b36016cf09cde1ffd1036673d7c2d961cae0b81cd09721d5cb9
    [root@master ~]# docker exec -it web /bin/bash
    [root@aec728f70356 /]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    31: eth0@if32: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:ac:11:01:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.1.2/24 brd 172.17.1.255 scope global eth0
           valid_lft forever preferred_lft forever

Create another container that uses the default bridge network:

    [root@master ~]# docker run -itd --name web02 --rm luojiatian1904/nginx:v2
    4ee412be6d20b96a18f0b6fc0062beefc2192d906b212134b362ec41be5144ff
    [root@master ~]# docker exec -it web02 /bin/bash
    [root@4ee412be6d20 /]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    33: eth0@if34: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:c0:a8:02:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 192.168.2.2/24 brd 192.168.2.255 scope global eth0
           valid_lft forever preferred_lft forever
    [root@4ee412be6d20 /]#

Consider: can b2 and b1 communicate with each other at this point? If not, how can communication be achieved?

    # run two containers on different network segments
    [root@master ~]# docker run -itd --name web --network br0 --rm yanghaixx/nginx:v2
    aec728f703567b36016cf09cde1ffd1036673d7c2d961cae0b81cd09721d5cb9
    [root@master ~]# docker exec -it web /bin/bash
    [root@aec728f70356 /]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    31: eth0@if32: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:ac:11:01:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.1.2/24 brd 172.17.1.255 scope global eth0
           valid_lft forever preferred_lft forever
    [root@master ~]# docker run -itd --name web02 --rm yanghaixx/nginx:v2
    4ee412be6d20b96a18f0b6fc0062beefc2192d906b212134b362ec41be5144ff
    [root@master ~]# docker exec -it web02 /bin/bash
    [root@4ee412be6d20 /]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    33: eth0@if34: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:c0:a8:02:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 192.168.2.2/24 brd 192.168.2.255 scope global eth0
           valid_lft forever preferred_lft forever
    [root@master ~]# docker ps -a
    CONTAINER ID   IMAGE                     COMMAND                   CREATED         STATUS         PORTS   NAMES
    4ee412be6d20   luojiatian1904/nginx:v2   "/usr/local/nginx/sb…"    2 minutes ago   Up 2 minutes           web02
    aec728f70356   luojiatian1904/nginx:v2   "/usr/local/nginx/sb…"    2 minutes ago   Up 2 minutes           web

Connect the br0 network (C1) to c2 (one container attached to two bridges)

    [root@master ~]# docker network connect br0 aec728f70356    # (web container ID)
    [root@4ee412be6d20 /]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    33: eth0@if34: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:c0:a8:02:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 192.168.2.2/24 brd 192.168.2.255 scope global eth0
           valid_lft forever preferred_lft forever
    35: eth2@if36: mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:ac:11:01:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.1.3/24 brd 172.17.1.255 scope global eth2
           valid_lft forever preferred_lft forever
    [root@4ee412be6d20 /]# ping 172.17.1.2
    PING 172.17.1.2 (172.17.1.2) 56(84) bytes of data.
    64 bytes from 172.17.1.2: icmp_seq=1 ttl=64 time=0.095 ms
